b93d58990bf27ba8d109aab974f70b19_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b93d58990bf27ba8d109aab974f70b19_JaffaCakes118
Size

60KB
MD5

b93d58990bf27ba8d109aab974f70b19
SHA1

7c0bab6b2bede0435a2c2661368edb93ac35d729
SHA256

53b8d2495bad82406d27c655fd3b8ed2cec1c405e880f3372dcf85de4caa2a52
SHA512

63e328c1022065ff117db43a47f1c9d55b3f57d89907b71aeb219043aff2beefc85ef0ed40f1a9db04894a73f539aa896a97695b40e5d94d091dd1aa54351a80
SSDEEP

1536:ZO5mMNCkr51jbn08l6tGLmjxzU2KQ/aVVJrd4:ZO5mMNlLkA6tPFzlf/aV/h4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b93d58990bf27ba8d109aab974f70b19_JaffaCakes118

Files

b93d58990bf27ba8d109aab974f70b19_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3eb6e425c6ca3efeb3fac8af9393fadb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
VirtualProtectEx
ExitProcess

user32

CloseWindow
DestroyWindow

Exports

Exports

Squfpbqeg

Sections

.text
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sec3
Size: 8KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ